Chinese-linked hackers have recently been using bugs in Microsofts mail program Exchange, says the American software maker. This calls on users to download an update to correct the leaks in that program.
The hackers took advantage of multiple vulnerabilities in Microsoft Exchange Server and could not only get into mail accounts, but also install their own software on computers. This allows them to keep access to that computer in the longer term. According to Microsoft, this is a limited number of attacks, which were very targeted.
According to Microsoft, the responsible hackers come from China and operate with government support there. The group would mainly target companies, universities and research institutes dealing with issues such as infectious diseases and military technology.
Before Microsofts warning, security researchers already noticed more activity. For example, computer maker Dells Mike McLellan informed that there was already a peak in activity on Exchange servers last Sunday evening. According to him, this activity was now mainly aimed at injecting computers with their own software, but it seems that the hackers are preparing for a bigger attack.
“ Unfounded accusations”
China is fiercely opposed to all forms of cyber attacks, said a spokesman for the State Department in response to Microsofts allegations. He called on media and companies to be “responsible and professional” and not to go on “unfounded accusations.”
The National Cyber Security Center of the Dutch government recommends installing the Microsoft updates “in the short term.” The risk is high, warns the body, which is part of the Ministry of Justice and Security.
Microsoft assigns the hacking work to a new hacker group called Hafnium. According to the software company, its “highly skilled and advanced.”